Created
December 7, 2022 14:53
Using-GitHub-Actions-OIDC_Action
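# Runs `terraform plan` with short-lived AWS credentials obtained through
# GitHub's OIDC provider and appends the plan to the job summary.
name: Terraform Plan

# Triggers on every push, to any branch or tag. Each run can request an OIDC
# token, so the IAM role's trust policy (not shown here) is what limits who may
# assume the role: it should condition on the token's `sub` claim
# (repository and ref) and on the expected audience.
on: push

env:
  AWS_REGION: "eu-west-1"

# permission can be added at job level or workflow level
# Listing permissions explicitly sets every unlisted scope to `none`.
permissions:
  id-token: write  # This is required for requesting the JWT through OIDC
  contents: read  # This is required for actions/checkout

jobs:
  TerraformPlan:
    runs-on: ubuntu-latest
    steps:
      # The actions below are referenced by mutable version tags. For
      # supply-chain integrity, consider pinning each one to a full commit SHA
      # (`uses: owner/action@<full-commit-sha>`) reviewed by the team.
      - name: Git clone the repository
        uses: actions/checkout@v3

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2
        with:
          # Quoted so the version is always read as a string.
          terraform_version: "1.3.0"

      - name: configure aws credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          # Placeholder: replace with the role ARN produced by the Terraform
          # that creates the OIDC provider and role. Scope that role to the
          # minimum needed for a plan.
          role-to-assume: "ROLE ARN FROM TERRAFORM OUTPUT"
          role-session-name: samplerolesession
          aws-region: ${{ env.AWS_REGION }}

      - name: Terraform Init
        id: init
        # -input=false makes a missing input fail the step instead of prompting.
        run: terraform init -input=false

      - name: Terraform Plan
        id: plan
        # The job summary is readable by anyone who can view the workflow run.
        # Plan output can contain resource attributes and variable values that
        # are not marked sensitive, so review what the configuration exposes
        # before publishing it this way.
        run: |
          echo "## Terraform Plan" >> "$GITHUB_STEP_SUMMARY"
          terraform plan -input=false -no-color >> "$GITHUB_STEP_SUMMARY"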